package com.zking.secutity;

import com.zking.dao.domain.SysUser;
import com.zking.dao.domain.User;
import com.zking.service.SysRoleService;
import com.zking.service.UserService;
import com.zking.service.ypf.OverRoleUserService;
import com.zking.service.ypf.OverUserService;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.*;
public class MyShiroRealm extends AuthorizingRealm {
	private static org.slf4j.Logger logger = LoggerFactory.getLogger(MyShiroRealm.class);

	// 如果项目中用到了事物，@Autowired注解会使事物失效，可以自己用get方法获取值
//	@Autowired
//	private SysRoleService roleService;
//	@Autowired
//	private UserService userService;
	
	//我自己的OverRoleUserService
	@Autowired
	private OverRoleUserService overRoleUserService;
	//我自己的OverUserService
	@Autowired
	private OverUserService overUserService;
	

	/**
	 * 认证信息.(身份验证) : Authentication 是用来验证用户身份
	 *
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
			throws AuthenticationException {
		logger.info("---------------- 执行 Shiro 凭证认证 ----------------------");
		UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
		String userName = token.getUsername();
		String passWord = String.valueOf(token.getPassword());
		//SysUser user = new SysUser();
		User user=new User();
		user.setPassWord(passWord);
		user.setUserName(userName);
//		user.setUserName(name);
//		user.setPassWord(password);
		// 从数据库获取对应用户名密码的用户
		//SysUser userList = userService.getUser(user);
		User userList=overUserService.getUser(user);
		if (userList != null) {
			// 用户为禁用状态
//			if (userList.getUserEnable() != 1) {
//				throw new DisabledAccountException();
//			}
			logger.info("---------------- Shiro 凭证认证成功 ----------------------");
			SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
					userList, // 用户
					userList.getPassWord(), // 密码
					userList.getUserName() // realm name 名字
			);
			return authenticationInfo;
		}
		throw new UnknownAccountException();
	}

	/**
	 * 授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		logger.info("---------------- 执行 Shiro 权限获取 ---------------------");
		Object principal = principals.getPrimaryPrincipal();
		System.out.println("111"+principal);
		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//		if (principal instanceof User) {
			User userLogin = (User) principal;
			//Set<String> roles = roleService.findRoleNameByUserId(userLogin.getId());
			//查询角色
			Set<String> roles=	overRoleUserService.findRoleNameByUserId(userLogin.getId());
			authorizationInfo.addRoles(roles);

			//Set<String> permissions = userService.findPermissionsByUserId(userLogin.getId());
			//查询权限
			 Set<String> permissions =overUserService.findPermissionsByUserId(userLogin.getId());
			authorizationInfo.addStringPermissions(permissions);
//		}
		logger.info("---- 获取到以下权限 ----");
		logger.info(authorizationInfo.getStringPermissions().toString());
		logger.info("---------------- Shiro 权限获取成功 ----------------------");
		return authorizationInfo;
	}

}
